Monday, May 16, 2011

Facebook To Lazy Developpers, Fix Authentication Leaks Or Else.

Facebook is serious about autentication leaks that Symantec discovered last week. Facebook also had a blog post on Oauth 2.0 requirement that will go in to effect on September 1 this year. Oauth 2.0 is supposed to be more secure.
But Facebook is not letting those leaky apps that Symantec exposed, sit idle till September 1, 2011. Those developers have received the following email from facebook;

Our automated systems have detected that you may be inadvertently allowing authentication data to be passed to 3rd parties. Allowing user ids and access tokens to be passed to 3rd parties, even inadvertently, could allow these 3rd parties to access the data the user made available to your site. This violates our policies and undermines user trust in your site and Facebook Platform.
In every case that we have examined, this information is passed via the HTTP Referer Header by the user’s browser. This can happen when using our legacy authentication system and including

Would you “Like” the name Like?

After hearing some people naming their babies with likes of "facebook", and other dumb things, it is less painfull to hear about the Israeli couple who named their baby "Like" after facebook's like button.At least it is more likable than the rest!
I am sure Google must be waiting for someone to name their child "Googlie" or Twitter looking for "Tweetie". In any case I feel these are insane decisions made without thinking about the child it self.
I always wondered why most kids say that they hate their parents because I did not. I think now I am begining to understand.
Via Mashable